﻿<%
'*****************************************************************
'** 函数名: CodeIsTrue
'** 功能描述:检查验证码是否正确。
'** 创建人:Huangcm
'** 创建日期:2006-9-5
'** 调用示例：CodeIsTrue()
'** If CodeIsTrue() = False Then
'** 	Response.write "<script language=javascript>alert('验证码校验失败，请返回刷新页面后再输入验证码	
'**		...');window.self.location.href='login.asp';<'/script>"
'**		Response.End			
'** End If		

'*****************************************************************
'
Public Function CodeIsTrue()

	Dim CodeStr

	CodeStr = Request.Form("validate")
	
	If CStr(Session("rndcodes"))=CStr(CodeStr) And Session("rndcodes")<>""   Then
		CodeIsTrue=True
		Session("rndcodes")=empty
	Else
		CodeIsTrue=False
		Session("rndcodes")=empty
	End If
	
End Function


Sub CheckLogin()    

	'If CodeIsTrue()=False Then
		'alertBox "验证码检验失败!","javascript:history.go(-1)"
		'Exit Sub
	'End If

	UserName = get_safecode(Request.Form("uname"))
	password = get_safecode(Request.Form("password"))

	password = MD5(password)

	sql="SELECT * FROM Admin_user  WHERE Admin_UserName = '" & UserName & "' AND Admin_Password ='" &password& "'"

	rs.open sql,conn

	If rs.EOF And rs.BOF Then
	
		Call conn_close()
		alertBox "用户名或密码错误!","javascript:history.go(-1)"
				
	Else
		
		Admin_UserId = rs("Admin_UserId")
		
		Session("Admin_UserId")    = rs("Admin_UserId")
		Session("Admin_UserName")  = rs("Admin_UserName")
		Session("Admin_SuperUser") = rs("Admin_SuperUser")
		
		Client_IP = get_clientip()

		sql = "UPDATE Admin_user SET Admin_Last_LoginDate ='" & Now() & "' ,Admin_Last_LoginIP = '" & Client_IP & "' WHERE Admin_UserId = " &Admin_UserId

		conn.execute(sql)

		
		sql = "INSERT INTO Admin_Log(Log_UserName,Log_Date,Log_IP) VALUES (" &_
			  "'"& Session("Admin_UserName") &"'"&_
			  ",'"& Now() &"'"&_
			  ",'"& Client_IP &"'"&_
			  ")"
		conn.execute(sql)


		Call Conn_Close()
		response.redirect "/2010admin/Admin_main.asp"


	End If
	
End Sub

Sub Logout()

	Session("Admin_UserName") = ""
	'writebr "logout"
	'endd
	response.Write"<script>top.location.href='/2010admin/';</script>"
	'response.redirect "/2010admin/Index.asp"

End Sub 
%>

